Stefano Di Paola and Giorgio Fedon have discovered some vulnerabilities in Adobe Reader, which can be exploited by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, cause a DoS (Denial of Service), or to compromise a user’s system.

1) Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users.